Article ID: 121970, created on Jun 10, 2014, last review on Jun 20, 2014

  • Applies to:
  • Virtuozzo hypervisor 5.0
Synopsis:            The new Parallels Server Bare Metal 5.0 update provides security fixes.
Issue date:           2014-06-11
Product:               Parallels Server Bare Metal 5.0
Keywords:           'bugfix' 'security'
1. What's Included in This Update
The new packages for Parallels Server Bare Metal 5.0 provide a number of security fixes.
2. Bug Fixes
- An OpenSSL vulnerability could allow for a man-in-the-middle attack against an
  encrypted connection, so an attacker could intercept an encrypted data stream allowing them to
  decrypt, view and then manipulate said data. (#PSBM-27293, #CVE-2014-0224)
- Other OpenSSL vulnerabilities: #CVE-2010-5298, #CVE-2014-0076, #CVE-2014-0195,
  #CVE-2014-0198, #CVE-2014-0221, #CVE-2014-3470.
All Parallels Server Bare Metal 5.0 users are advised to update their tools packages.
3. Obtaining the Update
You can download and install the update using the vzup2date utility included in the Parallels Server
Bare Metal 5.0 distribution.
4. References
Copyright (c) 1999-2014 Parallels Holdings, Ltd. and its affiliates. All rights reserved.

c662da62f00df94fd77ba7a2c9eff4b4 2897d76d56d2010f4e3a28f864d69223 a26b38f94253cdfbf1028d72cf3a498b

Email subscription for changes to this article
Save as PDF